feat(auth): allow to verify PublicKey with platform format PK
In some platform the digest of the public key saved in the OTP is not
the digest of the exact same public key buffer needed to check the
signature. Typically, platform checks signature using the DER ROTPK
whereas some others add some related information. Add a new platform
weak function to transform the public key buffer used by
verify_signature to a platform specific public key.
Mark this new weak function as deprecated as it will be replaced
by another framework implementation.
Change-Id: I71017b41e3eca9398cededf317ad97e9b511be5f
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
diff --git a/docs/about/release-information.rst b/docs/about/release-information.rst
index c0875b6..6c05aec 100644
--- a/docs/about/release-information.rst
+++ b/docs/about/release-information.rst
@@ -67,6 +67,11 @@
+================================+=============+=========+=========================================================+
| STM32MP_USE_STM32IMAGE macro | Dec '21 | 2.7 | FIP is the recommended boot method for STM32MP |
+--------------------------------+-------------+---------+---------------------------------------------------------+
+| plat_convert_pk() function | Nov'22 | Next | Platform conversion to manage specific PK hash |
+| | | release | |
+| | | after | |
+| | | 2.8 | |
++--------------------------------+-------------+---------+---------------------------------------------------------+
--------------
diff --git a/docs/getting_started/porting-guide.rst b/docs/getting_started/porting-guide.rst
index 9019e83..7f38054 100644
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst
@@ -809,6 +809,34 @@
either could not be updated or the authentication image descriptor indicates
that it is not allowed to be updated.
+Function: plat_convert_pk()
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void *, unsigned int, void **, unsigned int *
+ Return : int
+
+This function is optional when Trusted Board Boot is enabled, and only
+used if the platform saves a hash of the ROTPK.
+First argument is the Distinguished Encoding Rules (DER) ROTPK.
+Second argument is its size.
+Third argument is used to return a pointer to a buffer, which hash should
+be the one saved in OTP.
+Fourth argument is a pointer to return its size.
+
+Most platforms save the hash of the ROTPK, but some may save slightly different
+information - e.g the hash of the ROTPK plus some related information.
+Defining this function allows to transform the ROTPK used to verify
+the signature to the buffer (a platform specific public key) which
+hash is saved in OTP.
+
+The default implementation copies the input key and length to the output without
+modification.
+
+The function returns 0 on success. Any other value means the expected
+public key buffer cannot be extracted.
+
Dynamic Root of Trust for Measurement support (in BL31)
-------------------------------------------------------